System, method and program product for automatically collecting state information for computer system intrusion analysis
Abstract
A system, method and program product for automatically collecting state information for computer system intrusion analysis is provided. Specifically, the present invention is used to automatically collect state information in the event of computer network intrusion. When executed, the present invention will detect a type of a platform operating on a computer system (e.g., the server). Then, using the utilities of the platform, the desired state information will be located and/or collected. Thus, the present invention provides the uniformity of information collection that was not previously possible due to manual collection techniques and varying platform types.
23 Claims
1. A system for automatically collecting state information for computer system intrusion analysis, comprising:
- a platform identification system for automatically identifying a type of a platform loaded on a computer system; and
- a state system for automatically collecting state information pertaining to a state of the computer system, wherein the state information is located with utilities of the identified platform.

Dependent claims: 2, 3, 4, 5, 6, 7, 8

9. A method for automatically collecting state information for computer system intrusion analysis, comprising the steps of:
- identifying a type of a platform loaded on a computer system;
- locating state information pertaining to a state of the computer system using utilities of the identified platform; and
- automatically collecting the located state information from the computer system.

Dependent claims: 10, 11, 12, 13, 14, 15

16. A program product stored on a recordable medium for automatically collecting state information for computer system intrusion analysis, which when executed comprises:
- program code for automatically identifying a type of a platform loaded on a computer system; and
- program code for automatically collecting state information pertaining to a state of the computer system, wherein the state information is located with utilities of the identified platform.

Dependent claims: 17, 18, 19, 20, 21, 22, 23

Specification